cve-2019-9803
Vulnerability from cvelistv5
Published
2019-04-26 16:13
Modified
2024-08-04 22:01
Severity ?
EPSS score ?
Summary
The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some circumstances, allowing for potential man-in-the-middle attacks on the linked resources. This vulnerability affects Firefox < 66.
References
▼ | URL | Tags | |
---|---|---|---|
security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=1437009 | Issue Tracking, Vendor Advisory | |
security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=1515863 | Issue Tracking, Permissions Required, Vendor Advisory | |
security@mozilla.org | https://w3c.github.io/webappsec-upgrade-insecure-requests/ | Third Party Advisory | |
security@mozilla.org | https://www.mozilla.org/security/advisories/mfsa2019-07/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=1437009 | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=1515863 | Issue Tracking, Permissions Required, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://w3c.github.io/webappsec-upgrade-insecure-requests/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.mozilla.org/security/advisories/mfsa2019-07/ | Vendor Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:01:54.714Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2019-07/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1515863" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1437009" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://w3c.github.io/webappsec-upgrade-insecure-requests/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "66", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some circumstances, allowing for potential man-in-the-middle attacks on the linked resources. This vulnerability affects Firefox \u003c 66." } ], "problemTypes": [ { "descriptions": [ { "description": "Upgrade-Insecure-Requests incorrectly enforced for same-origin navigation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-04-26T16:13:22", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2019-07/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1515863" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1437009" }, { "tags": [ "x_refsource_MISC" ], "url": "https://w3c.github.io/webappsec-upgrade-insecure-requests/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2019-9803", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "66" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some circumstances, allowing for potential man-in-the-middle attacks on the linked resources. This vulnerability affects Firefox \u003c 66." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Upgrade-Insecure-Requests incorrectly enforced for same-origin navigation" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2019-07/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2019-07/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1515863", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1515863" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1437009", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1437009" }, { "name": "https://w3c.github.io/webappsec-upgrade-insecure-requests/", "refsource": "MISC", "url": "https://w3c.github.io/webappsec-upgrade-insecure-requests/" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2019-9803", "datePublished": "2019-04-26T16:13:22", "dateReserved": "2019-03-14T00:00:00", "dateUpdated": "2024-08-04T22:01:54.714Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-9803\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2019-04-26T17:29:03.257\",\"lastModified\":\"2024-11-21T04:52:20.473\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some circumstances, allowing for potential man-in-the-middle attacks on the linked resources. This vulnerability affects Firefox \u003c 66.\"},{\"lang\":\"es\",\"value\":\"La especificaci\u00f3n de Upgrade-Insecure-Requests (UIR) establece que si la UIR se habilita mediante Content Security Policy (CSP), la navegaci\u00f3n a una URL del mismo origen debe actualizarse a HTTPS. Firefox navegar\u00e1 incorrectamente a una URL HTTP en lugar de realizar la actualizaci\u00f3n de seguridad solicitada por el CSP en algunas circunstancias, lo que permite posibles ataques de intermediarios en los recursos vinculados. Esta vulnerabilidad afecta a Firefox versi\u00f3n anterior a la 66.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-346\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"66.0\",\"matchCriteriaId\":\"DF5B7642-9E9D-4578-9120-B95A6B198177\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1437009\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1515863\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://w3c.github.io/webappsec-upgrade-insecure-requests/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2019-07/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1437009\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1515863\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://w3c.github.io/webappsec-upgrade-insecure-requests/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2019-07/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.